ep_read() acquires data->lock mutex in get_ready_ep() and releases it on
all paths except for one: when usb_endpoint_xfer_isoc() failed. The
patch adds mutex_unlock(&data->lock) at that path.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Alexey Khoroshilov<[email protected]>
---
drivers/usb/gadget/inode.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/drivers/usb/gadget/inode.c b/drivers/usb/gadget/inode.c
index 3ed73f4..a01383f 100644
--- a/drivers/usb/gadget/inode.c
+++ b/drivers/usb/gadget/inode.c
@@ -386,8 +386,10 @@ ep_read (struct file *fd, char __user *buf, size_t
len, loff_t *ptr)
/* halt any endpoint by doing a "wrong direction" i/o call */
if (usb_endpoint_dir_in(&data->desc)) {
- if (usb_endpoint_xfer_isoc(&data->desc))
+ if (usb_endpoint_xfer_isoc(&data->desc)) {
+ mutex_unlock(&data->lock);
return -EINVAL;
+ }
DBG (data->dev, "%s halt\n", data->name);
spin_lock_irq (&data->dev->lock);
if (likely (data->ep != NULL))
-- 1.7.0.4
On Wed, Mar 09, 2011 at 10:41:31AM +0300, Alexey Khoroshilov wrote:
> ep_read() acquires data->lock mutex in get_ready_ep() and releases it on
> all paths except for one: when usb_endpoint_xfer_isoc() failed. The
> patch adds mutex_unlock(&data->lock) at that path.
>
> Found by Linux Driver Verification project (linuxtesting.org).
>
> Signed-off-by: Alexey Khoroshilov<[email protected]>
Need a space after your name and before the email address.
Anyway, your patch is still line-wrapped and the leading spaces stripped
off, making it impossible to apply. After hand-editing it, it still
fails, are you sure you made this against the linux-next tree?
Care to try again?
thanks,
greg k-h